Description

On log rotation, nginx seems to process ​as documented: the log file is created as root, then ownership is changed to the user nginx is configured to run with and workers can then open file descriptors to it.

However, on startup or on reload (SIGHUP), thoss log files are created with ownership root:root.

It does not seem that worker processes, without a specific umask (standard files created with permissions 644), might be able to directly open file descriptors to log files.
Nonwithstanding, it seems logging runs well when log files are created as root:root.

It seems several points are unclear:

How come log files are not create with the user nginx is configured to run with when those log files are created on startup or reload (SIGHUP)?

How is logging working when files created in those conditions cannot be written to by userspace processes such as nginx workers?

Oldest firstNewest firstThreaded

Show comments
Show property changes

Change History
(1)

On startup and on reload, log files are opened by the master process and relevant file descriptors are inherited though fork() into worker processes. As such, worker processes do not need any additional permissions to write to these files.

For further questions on how nginx works, please use ​support options available. Asking questions in Trac is discouraged, it is to track bugs, not to ask questions.